# create a new mirrorlist server
# NOTE: should be used with --limit most of the time
# NOTE: make sure there is room/space for this server on the vmhost
# NOTE: most of these vars_path come from group_vars/mirrorlist or from hostvars

- import_playbook: "/srv/web/infra/ansible/playbooks/include/virt-create.yml myhosts=mirrorlist2:mirrorlist2-stg:!mirrorlist-host1plus.fedoraproject.org"

- name: make the box be real
  hosts: mirrorlist2:mirrorlist2-stg
  user: root
  gather_facts: True

  vars_files:
   - /srv/web/infra/ansible/vars/global.yml
   - "/srv/private/ansible/vars.yml"
   - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml

  pre_tasks:
  - name: Install policycoreutils-python
    package: name=policycoreutils-python state=present

  - name: Create /srv/web/ for all the goodies.
    file: >
        dest=/srv/web state=directory
        owner=root group=root mode=0755
    tags:
    - httpd
    - httpd/website

  - name: check the selinux context of webdir
    command: matchpathcon /srv/web
    register: webdir
    check_mode: no
    changed_when: "1 != 1"
    tags:
    - config
    - selinux
    - httpd
    - httpd/website

  - name: /srv/web file contexts
    command: semanage fcontext -a -t httpd_sys_content_t "/srv/web(/.*)?"
    when: webdir.stdout.find('httpd_sys_content_t') == -1
    tags:
    - config
    - selinux
    - httpd
    - httpd/website

  roles:
  - base
  - rkhunter
  - nagios_client
  - geoip
  - hosts
  - fas_client
  - collectd/base
  - mod_wsgi
  - httpd/mod_ssl
  - mirrormanager/mirrorlist2
  - sudo
  - { role: openvpn/client,
      when: env != "staging" }

  tasks:
  # this is how you include other task lists
  - import_tasks: "{{ tasks_path }}/yumrepos.yml"
  - import_tasks: "{{ tasks_path }}/2fa_client.yml"
  - import_tasks: "{{ tasks_path }}/motd.yml"


  handlers:
  - import_tasks: "{{ handlers_path }}/restart_services.yml"
